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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

I )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)IEI This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) [X] Claim(s) 1-54 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [>3 Claim(s) 1-54 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on is/are: a)D accepted or b)(XI objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1-54 are presented for examination. 

2. The examiner partially considers the preliminary amendment filed on December 15, 
2000. The examiner did not consider the following preliminary amendment because the page and 
line number mentioned do not appear on the amended pages. Please check the pages and correct 
the preliminary amendment. 

Page 17, lines 2-3 delete "For example, one application may need a simple CA that is able to 
issue certificates and manage the life cycle of these certificates— and insert therefor --For 
example, one application may need a simple CA that is able to issue certificates and manage the 
life cycle of the certificates including revocation of certificates and generating certificate 
revocation lists--. 

Page 20, lines 2-7 delete "This LDAP publisher bean 370 publishes any specific parameters 
associated with such a request to an LDAP directory structure 373. Again, this may take place as 
the request winds its way through the PKI request system 300 an initial time. Or the publishing 
of the request in the LDAP directory 373 may take place in the return path of the request after 
reaching the terminus bean" and insert therefor-This LDAP publisher bean 370 publishes 
certificates or certificate revocation lists. These certificates or certificate revocation lists are 
obtained in the return path of the requests after reaching the terminus bean-. 

Claim Objections 
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3. Claim 40 objected to because of the following informalities: on line 1 8 the word "the" 
typed twice, and line 19 the word transmission spelled as " transmision". Appropriate correction 
is required. 

Drawings 

4. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) because they 
include the following reference character(s) not mentioned in the description: Fig. 3, 
"PKClOServer Bean 322" is written as "PKCSlOServer Bean 312" in the description on page 16 
line 25 and all the hand written numbers are not clear. Corrected drawing sheets, or amendment 
to the specification to add the reference character(s) in the description, are required in reply to 
the Office action to avoid abandonment of the application. Any amended replacement drawing 
sheet should include all of the figures appearing on the immediate prior version of the sheet, 
even if only one figure is being amended. The replacement sheet(s) should be labeled 
"Replacement Sheet" in the page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion 
of the drawing figures. If the changes are not accepted by the examiner, the applicant will be 
notified and informed of any required corrective action in the next Office action. The objection 
to the drawings will not be held in abeyance. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

6. Claims 1-6, 8-14, 16-22, and 24-54 are rejected under 35 U.S.C. 102(e) as being 
anticipated by French et al. (French, Pub. No: US 2001/0001877 Al) 

7. As per claims 1, and 25, French teaches an apparatus for managing a digital certificate on 
distributed computing system, the apparatus comprising: 

at least one reception software module that receives a request from a user and generates a 
reception event corresponding to that request; (Page 4 par. 0066, Fig. 45 130; application server 
receives user requests (110), Fig. 45 No. 120 authentication server receives user request from 
user (110) or application server (130)), 

at least one processing software module, communicatively coupled to the at least one 
reception software module and responsive to a propagated event, that performs an action 
regarding the management of the digital certificate; (Page 9 par. 0156, Fig. 45; authentication 
server (120) coupled to application server (130) and responsive to propagated event), 

any one the software modules replaceable with another software module responsive to the 
same propagated event but performing another action regarding the management of the digital 
certificate; (Page 4 par. 0066; client 1 10 and authentication server 120 can communicate for 
requested data directly without passing through application server 130) , and 
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the software modules executing independently from one another. (Fig. 45; application 
software module (130) is vendor's server, user (110), and authentication server (120) are all 
running separate). 

8. As per claim 40, it has been rejected under the same rational as claim 1 above. In addition 
at least one transmission software module, communicatively coupled to the at least one 

processing software module, that transmits information regarding the digital certificate on the 
distributed computing system in a first format in response to a propagated event; (Fig. 45; 
authentication server (120) transmits information to application server (130) and coupled to 
application server (120), application server (130) is also a processor and transmits digital 
certificates to users), 

the at least one transmission software module replaceable with another reception software 
module responsive to the same event that the replaced transmission software module is 
responsive to, and transmitting information in a second format; (Page 4 par. 0066; client 1 10 and 
authentication server 120 can communicate for requested data directly without passing through 
application server 130). 

9. As per claims 9, and 30 French teaches a computer program product on a computer 
usable medium, the computer usable medium having a computer usable program embodied 
therein for managing a digital certificate on a distributed computing system, (Page 2 par. 0020) 
the computer usable program including: 
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instructions for receiving a request from a user and generating a reception event 
corresponding to that request (Fig. 1 ; inputs users information and renders authentication 
decision, Fig. 37-40; issues digital certificates, Page 4 par. 0066; authentication server's 
instruction can also communicate with user and generate events and so as application server's 
instruction (130)), 

one or more instructions for performing an action regarding the management of the 
digital certificate, the instructions for performing communicatively coupled to the instructions 
for receiving and responsive to a propagated event; (Fig. 1, Fig. 12, Page 9 par. 0156), 

any one of the instructions replaceable with another set of instructions responsive to the 
same propagated event but performing another action regarding the management of the digital 
certificate; (Page 4 par. 0066, Fig. 45; authentication server (120) can communicate to user (110) 
with server directly with out application sever (130), and 

the instructions executing independently from one another. (Fig. 45; application software 
module (130) is vendor's server, user (110), and authentication server (120) are all running 
separate). 

10. As per claim 45, it has been rejected under the same rational as claim 9 above. In addition 

a first instructions for transmitting information in a first format regarding the digital 
certificate on the distributed computing system in a first format in response to a propagated 
event, the instructions communicatively coupled to the at least one processing software module; 
(Page 4 par. 0066, Fig. 45), 



Application/Control Number: 09/738,240 Page 7 

Art Unit: 2136 

the first instructions for transmitting replaceable with a second instructions for 
transmitting, the second instructions for transmitting responsive to the same event, and 

that first instructions were responsive to and transmitting information regarding the 
digital certificate in a second format; (Page 4 par. 0066; client 110 and authentication server 120 
can communicate for requested data directly without passing through application server 130) . 

11. As per claims 17, and 35, French teaches a method for managing a digital certificate on a 
distributed computing system, the method comprising: 

receiving a request from a user in at least one reception software module; (Fig. 45 No. 
110 and 130), 

generating a reception event corresponding to that request; (Fig. 45 No. 130 and 1 10), 

performing an action regarding the management of the digital certificate in response to a 
received event in an at least one processing software module, the at least one processing software 
module communicatively coupled to the at least one reception software module; (Fig. 45 No. 
120, page 8 par. 0145), 

any one of the software modules replaceable with another software module responsive to 
the same propagated event but performing another action regarding the management of the 
digital certificate; (Page 4 par. 0066; It is possible for client 1 10 and authentication server 120 
to communicate the requested data directly without passing through application server 130), and 

the software modules executing independently from one another. (Fig. 45; application 
software module (130) is vendor's server, user (110), and authentication server (120) are all 
running separate). 
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12. As per claim 50, it has been rejected under the same rational as claim 17 above. In 
addition 

receiving a request in a first format from a user in one or more reception software 
modules; (Page 4 par. 0066; application server (130), and authentication sever (120) both receive 
a request in a first format), 

performing an action regarding the management of the digital certificate in response to a 
received event in an at least one processing software module, the at least one processing software 
module communicatively coupled to the plurality of reception software modules; (Page 8 par. 
0145Fig. 45 No. 120 is communicatively coupled to No. 130, 110, 26, 32, 40, 1012, and 130), 

transmitting information regarding the digital certificate in a first format from a first 
transmission software module upon the reception of a propagated event; (Fig. 45 No. 130 
transmitting certificate to user (110) and also page 4 Par. 0066; authentication server 
communicating directly to user (1 10) to propagate event), 

the first transmission software module replaceable with a second transmission software 
module, the second transmission software module responsive to the propagated event and 
transmitting information regarding the digital certificate in a second format; (Page 4 par. 0066; 
It is possible for client 1 10 and authentication server 120 to communicate the requested data 
directly without passing through application server 130), and 

the software modules executing independently from one another. (Fig. 45; application 
software module (130) is vendor's server, user (110), and authentication server (120) are all 
running separate). 
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13. As per claims 2, and 26, French teaches the apparatus, wherein the plurality of reception 
software module is implemented in a computing system independent manner (Fig. 45 user (110), 
authentication server (120), and apparatus server (130)). 

14. c As per claim 3, and 27, French teaches the apparatus wherein the plurality of reception 
software module is implemented in Java (Page 3 par. 0062, page 4 par. 0071). 

15. As per claim 4, French teaches the apparatus wherein one of the at least one processing 
software modules is a sink bean (Page 1 1 par. 0180). 

16. As per claim 5, French teaches the apparatus wherein the sink bean certificate generation 
bean (Page 11 par. 0173). 

17. As per claims 6, and 29, French teaches the apparatus of claim 25 wherein one of the at 
least one processing software modules publishes information regarding the management of the 
certificate. (Page 11 par. 0180) 

18. As per claim 8, French teaches the apparatus of claim 1 wherein two of the software 
modules operate on different computing devices. (Page 1 par. 0019, Fig. 45 authentication server 
(120) and application server (130), and user (110)) 
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19. As per claims 10, and 31, French teaches the computer program product, wherein the 
instructions for receiving are implemented in a computing system independent manner (Fig. 45 
application server (130) and authentication server (120) both receive information (Page 4 par. 
0066) and compute independently). 

20. As per claims 11,32, French teaches the computer program product wherein the 
instructions for receiving are implemented in Java. (Page 3 par. 0062, page 4 par. 0071) 

21 . As per claim 12, French teaches the computer program product wherein 
instructions for performing are a sink bean. (Page 1 1 par. 0180) 

22. As per claim 13, French teaches the computer program product wherein the 
sink bean is a certificate generation bean (Page 1 1 par. 0173). 

23. As per claim 14, French teaches the computer program product of claim 9 wherein the 
instructions for performing publishes information regarding the management of the certificate 
(Fig. 45 No. 130, Page 4 par. 0066). 

24. As per claim 16, French teaches the computer program product of claim 9 wherein the 
instructions operate on different computing devices (Page 1 par. 0019, Fig. 45 authentication 
server (120) and application server (130), and user (110)). 
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25. As per claims 1 8, and 36, French teaches the method wherein the plurality of reception 
software module is implemented in a computing system independent manner (Fig. 45 user (110), 
authentication server (120), and apparatus server (130)). 

26. As per claim 19, French teaches the method wherein the reception software module is 
implemented in Java (Page 3 par. 0062, page 4 par. 0071). 

27. As per claim 20, French teaches the method wherein one of the at least one processing 
software modules is a sink bean (Page 1 1 par. 0180). 

28. As per claim 2 1 , French teaches the method of claim further comprising generating a 
certificate in the bean (Page 1 1 par. 0173). 

29. As per claims 22, and 54 French teaches the method of claim 19 further comprising 
publishing information regarding the management of the certificate in one of the at least one 
processing software modules (Page 4 par. 0156). 

30. As per claim 24, French teaches the method wherein two of the software 

modules operate on different computing devices (Page 1 par. 0019, Fig. 45 authentication server 
(120) and application server (130), and user (110)). 
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31. As per claim 28, French teaches the apparatus wherein one of the at least one processing 
software modules generates a digital certificate (Page 9 par. 0156). 

32. As per claims 33 and 48, French teaches the computer program product wherein the one 
or more instructions for performing generates a digital certificate (Page 1 1 par. 0180). 

33. As per claims 34, and 49, French teaches the computer program product of claim 30 
wherein the one or more instructions for performing publishes information regarding a digital 
certificate (Fig. 45 No. 130, Page 4 par. 0066). 

34. As per claim 37, French teaches the method wherein the plurality reception software 
modules are implemented in Java (Page 3 par. 0062, page 4 par. 0071). 

35. As per claim 38, French teaches the method of further comprising generating a 
certificate in one of the at least one processing software module (Page 9 par. 0156). 

36. As per claim 39, French teaches the method of claim 35 further comprising publishing 
information regarding the management of the certificate in one of the at least one processing 
software modules (Page 11 par. 0173). 

37. As per claim 41, French teaches the apparatus, wherein the at least one reception software 
module and the at least one transmission software module are implemented in a computing 
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system independent manner (Fig. 45 user (1 10), authentication server (120), and apparatus server 
(130)). 



38. As per claim 42, French teaches the apparatus of claim 41 wherein the at least one 
reception software module and the at least one transmission software module are implemented 
are implemented in Java (Page 3 par. 0062, page 4 par. 0071). 



39. As per claim 43, French teaches the apparatus of claim 40 wherein one of the at least 
one processing software modules generates a digital certificate (Page 1 1 par. 0180). 

40. As per claim 44, French teaches the apparatus of claim 40 wherein one of the at least 
one processing software modules publishes information regarding the management of the 
certificate (Page 9 par. 0155). 

41. As per claim 46, French teaches the computer program product, wherein the first 
instructions for transmitting and the second instructions for transmitting are implemented in a 
computing system independent manner (Fig. 45 application server (130) and authentication 
server (120) both receive information (Page 4 par. 0066) and compute independently). 

42. As per claim 47, French teaches the computer program product of claim 46 wherein the 
first instructions for transmitting and the second instructions for transmitting are implemented in 
Java (Page 3 par. 0062, page 4 par. 0071). 
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43. As per claim 51, French teaches the method, wherein the first transmission software 
module and the second transmission software module are implemented a computing system 
independent manner (Fig. 45 user (1 10), authentication server (120), and apparatus server (130)). 

44. As per claim 52, French teaches the method wherein the first transmission software 
module and the second transmission software module are implemented in Java. (Page 3 par. 
0062, page 4 par. 0071) 

45. 53. As per claim 53, French teaches the method further comprising generating a 
certificate in one of the at least one processing software module (Page 1 1 par. 0173). 

Claim Rejections - 35 USC § 103 

46. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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47. Claims 7, 15, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
French et al. (French, Pub. No: US 2001/0001877 Al) in view of Carter (US Patent No.: 
6,738,907 Bl) 

48. As per claim 7, French teaches all the subject matter described above. 

French does not explicitly teach software a module publishes information in LD AP 
directory. 

However, Carter teaches the apparatus wherein the one of the at least one software 
modules publishes information in directory service protocol such as the Lightweight Directory 
Access Protocol. (Col. 4 lines 11-33, col. 5 lines 22-34) 

Therefore, it would have been obvious to one having ordinary skilled in the art at the time 
the invention was made to employ the teachings of Carter with in the system of French because 
it would implement the database according to LDAP directory service protocol and allow access 
to directory server (Col. 4 lines 11-33, col. 5 lines 22-34). 

49. As per claim 15, French teaches all the subject matter described above. 

French does not explicitly teach software a module publishes information in LDAP 
directory. 

However, Carter teaches the computer program product wherein the one of the at least 
one software modules publishes information in directory service protocol such as the 
Lightweight Directory Access Protocol. (Col. 4 lines 1 1-33, col. 5 lines 22-34) 
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Therefore, it would have been obvious to one having ordinary skilled in the art at the time 
the invention was made to employ the teachings of Carter with in the system of French because 
it would implement the database according to LDAP directory service protocol and allow access 
to directory server (Col. 4 lines 11-33, col. 5 lines 22-34). 

50. As per claim 23, French teaches all the subject matter described above. 

French does not explicitly teach software a module publishes information in LDAP 
directory. 

However, Carter teaches the method wherein the one of the at least one software modules 
publishes information in directory service protocol such as the Lightweight Directory Access 
Protocol. (Col. 4 lines 11-33, col. 5 lines 22-34) 

Therefore, it would have been obvious to one having ordinary skilled in the art at the time 
the invention was made to employ the teachings of Carter with in the system of French because 
it would implement the database according to LDAP directory service protocol and allow access 
to directory server (Col. 4 lines 11-33, col. 5 lines 22-34). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A Shiferaw whose telephone number is 703-305-0326. 
The examiner can normally be reached on Mon-Fri 8:OOam-5 :00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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